Re: [dssa] weekly status report
owner-dssa@xxxxxxxxx schrieb am 23.04.2012 14:39:41:
> Von: "Mike O'Connor" <mike@xxxxxxxxxx>
> An: DSSA WG <dssa@xxxxxxxxx>
> Datum: 23.04.2012 14:41
> Betreff: Re: [dssa] weekly status report
> Gesendet von: owner-dssa@xxxxxxxxx
>
>
> yep! there are several things all wrapped together in these scenarios.
>
> -- we'll want to look at normalizing these a bit -- there's a fair
amount of variation in the way that people approached the
> choosing and scaling of things -- part of the magnitude problem comes
from the sensitivity of the arithmetic. each column can add
> an order of magnitude.
>
> -- we have the "one size fits all?" puzzle to look at -- some of these
scenarios play out differently depending on what
> organizational vantage point you're looking from
>
> -- then there's the "where's the data?" question -- i think it's fair to
say that our evaluation in this first ("go fast") pass
> will have to be pretty subjective, with the empirical data rolling in
during "go deep"
>
> what do people think of trying to iron the "normalizing" problem out
with the most massive amazing polling setup you've ever seen
> in Adobe Connect? i'm thinking that we could just walk through each
scenario (no more than a few minutes on each), take an
> initial-reaction poll for each column, and see if we can smooth out the
swings a bit.
alright
>
> i think if we do that, we'd have to agree not to do anything but take
that first poll and note where we agree/disagree. debate
> would have to wait 'til another day because i think in some cases those
debates will take weeks or even months (and may require
> going off after some data). but it would be helpful to get a
first-reaction sense-of-the-group about these, no?
>
> what say you?
>
> mikey
>
>
> On Apr 23, 2012, at 6:55 AM, Jörg Schweiger wrote:
>
> > Hi Mickey, all,
> >
> > not so much a comment on how you (Mikey) did summarizing but an
> > observation possible as a result of your doing so. It seems like we
have
> > to make a pass through the defined scenarios as the thoughts/scales in
> > peoples minds seem to differ quite substantially.
> > Example: "Nation-state alternate root, cyber terrorism and DNS
hacking"
> > (line 9) in its description refers to a risk pretty much simular to
the
> > one stated in "Global, massive attack against a day zero vulnerability
in
> > DNS software ..." (line 39). Nevertheless the "calculated" overall
risk
> > differs some magnitudes. And now compare both cited risks to the risk
of
> > the DDOS scenario. Magnitudes again.
> >
> > regards
> >
> > Jörg
> >
> > ________________________________
> >
> >
> >
> >
> > Von: "Mike O'Connor" <mike@xxxxxxxxxx>
> > An: DSSA WG <dssa@xxxxxxxxx>
> > Datum: 21.04.2012 17:50
> > Betreff: [dssa] weekly status report
> > Gesendet von: owner-dssa@xxxxxxxxx
> >
> >
> >
> > hi all,
> >
> > hey! a status report with a red mark! neato. in this case i'd set a
> > target to get to preliminary consensus on the "confidential
information"
> > draft on the call this week and we didn't get there. but we learned a
lot
> > and conversation has continued on the list. we'll be back with
another
> > try on the call this week. our slippery solution will be to publish
it as
> > "draft" if we can't get to consensus before Prague, but the
conversation
> > is good and the draft is definitely getting better so i'm calm.
> >
> > i've come up with a first-try at the "summary" worksheet we mentioned
on
> > the call, and have posted it to the Worksheets page on the wiki. it
has
> > two tabs because the columns for table I-5 (Adversarial risk
scenarios)
> > are slightly different than the ones in table I-6 (Non-Adversarial
Risk
> > Scenarios). i've also taken a really-preliminary try at clumping
them.
> > here's the link to the page (look down at the very bottom of the page
for
> > the spreadsheet -- dated 21-April-2012);
> >
> >
> > https://community.icann.org/display/AW/Risk+Scenario+worksheets
> >
> > thanks,
> >
> > mikey
> >
> > [Anhang "DSSA Status report 49 Sheet1.pdf" gelöscht von Jörg
> > Schweiger/Denic]
> > - - - - - - - - -
> > phone 651-647-6109
> > fax 866-280-2356
> > web http://www.haven2.com
> > handle OConnorStP (ID for public places like Twitter,
Facebook,
> > Google, etc.)
> >
> >
> >
>
> - - - - - - - - -
> phone 651-647-6109
> fax 866-280-2356
> web http://www.haven2.com
> handle OConnorStP (ID for public places like Twitter, Facebook,
Google, etc.)
>
>
Attachment:
smime.p7s
|